Lead - Security Engineer (AI Security)

Company Description

About Freshworks

Freshworks makes it fast and easy for businesses to delight their customers and employees. We do this by taking a fresh approach to building and delivering software that is affordable, quick to implement, and designed for the end user. More than 50,000 companies -- from startups to public companies -- around the world use Freshworks software-as-a-service to enable a better customer experience (CRM) and employee experience (ITSM, HRSM).
Headquartered in San Mateo, California, Freshworks has a dedicated team operating from 13 global locations to serve 50,000+ customers including Bridgestone, Chargebee, DeliveryHero, ITV, Klarna, Multichoice, OfficeMax, TaylorMade and Vice Media.

Freshworks transforms the way world-class organizations collaborate with customers and co-workers. The suite includes Freshdesk (omni-channel customer support), Freshsales (sales automation), Freshmarketer (marketing automation), Freshservice (IT service desk), Freshteam (HR management system).
Freshworks has received numerous accolades including 2019 Startup of the Year form Economic Times, #16 ranking on the Forbes’ Cloud 100 list and #22 on the Battery Ventures/Glassdoor Best Places to Work in 2020. Our suite of products has also been recognized by analysts including the Gartner Magic Quadrants for CRM Customer Engagement, IT Service Management and Sales Force Automation.

While Freshworks has had incredible organic growth over the last few years, the company also has made targeted acquisitions that add critical capabilities to the portfolio including Natural Language Processing, Chatbots, Machine Learning, Social and Messaging Transformation.
Freshworks has raised over $400 million in capital and is funded by Accel, CapitalG, Sequoia Capital and Tiger Global Management. More information is available at www.Freshworks.com.

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose and passion, irrespective of their background, gender, race, sexual orientation, religion or ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, our communities and our business.

Job Description

Job Description
Purpose of the Role
In today’s world, any organisation or individual are constantly threatened by cyber attacks. This is proven
through a yearly rise in security incidents and data breaches.
We at Freshworks are committed to preventing such incidents and providing a secure environment for our
customers to run their businesses.
Freshworks is looking for a passionate and self-driven application security engineer who can work
independently and collaboratively to enable development teams to build secure products. You will be
pivotal in integrating and advancing security by working with Developers, Product Owners, Program
Managers, and Security Engineers.
As part of the security engineering team, you will advocate secure AI design principles, build frameworks
to automate AI security testing and conduct security assessments on LLMs/GenAI features to unearth
critical vulnerabilities. We also expect you to deliver pieces of training to development and QA teams.

Responsibilities
Security Assessments:

● Examine the products in detail to discover vulnerabilities and collaborate with the other security
engineers to practically demonstrate the exploitability and risk factors.
● Be on the forefront of emerging vulnerabilities/threats which could affect Freshworks products
through independent research and study. Engage with the developers in developing AI security
solutions and mitigation plans and ensure they are implemented per policy.
● Drive thematic security/privacy assessments on LLMs/GenAIs to discover and exploit unique
risks having a severe business impact.

Threat Modelling:

● Engage with the development teams to conduct secure design reviews/threat modelling
exercises to enumerate threats and mitigation strategies in the AI/ML services.
● Enable developers to gain knowledge of AI security best practices by conducting focused
workshops.
Secure Coding:

● Manage integration and automation of AI security checks in the DevOps pipeline.
● Build secure coding principles for AI/ML services and propagate them across the development
community.
● Be the go-to person for developers in solving critical issues relating to secure product
development.
Training:

● Deliver training programs at various levels in the organisations.
● Conduct workshops/security tech talks to disseminate security knowledge and awareness.
Lead Responsibilities

● Be a role model for the team and provide a healthy platform for the team to learn and grow.
● Collaborate and engage with the cyber security leadership team and provide inputs for decision
support.
● Play the role of solution architect in designing and implementing security engineering programs.

Qualifications

Basic Qualification

● Master or Bachelor of Engineering in Computer Science / Engineering, Masters in Computer
Science, Bachelor of Science in Computer Science.
● 7 to 10 years of application security experience; 4+ years of software development experience is
desirable.
● Prior experience in building and deploying ML systems Familiarity with Machine learning
algorithms
● Proficiency with database systems and schema design encompassing SQL and NoSQL
databases.
● Good knowledge of multiple vulnerability classes, including cross-site scripting, SQL Injection,
code injection,prompt injection, and Model Poisoning.
● Good knowledge of SAML / OAuth / Open ID Connect.
● Good knowledge of programming/scripting languages such as Java and Python.
● Good knowledge relating to services/technology relating to the cloud.
● Ability to automate security testing and improve productivity in security assessments.
● Good understanding and knowledge of web frameworks and architecture.
● Ability to communicate and interpret security vulnerabilities to various audiences, such as
development and management teams.

Advanced Qualification (Good to have, not a Must have)

● Experience in deploying ML projects in production systems with substantial individual
contributions
● Experience conducting security assessments in cloud platforms (SaaS, PaaS, IaaS).
● Published CVEs / research papers/articles about the security of the application layer and related
protocols.

Additional Information

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.